<?php
session_start();

//start a session to get member id
$memberid = $_SESSION['member_id'];

//open connection
mysql_connect('localhost', 'root', '') or die("Connection Failed");
mysql_select_db("mydb") or die("Connection Failed");
// if the conference id from the referred page is available
if (isset($_GET['conference_id'])) {

    // Get the conference id from the referred page
    $confid = intval($_GET['conference_id']);

    $get_name = mysql_query("Select long_name From conference Where conference_id = '$confid'") or die(mysql_error());
    $Get_name = mysql_fetch_assoc($get_name);
    echo "<h1>{$Get_name['long_name']}</h1>";
    echo "<h2>Submit a paper</h2>";
}
?>


<html>
    <head>


        <title></title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

        <link href="style3.css" rel="stylesheet" type="text/css" />
    </head>

    <form action= "" method="post" enctype="multipart/form-data" onsubmit="return validate(this);" >

        <input type="file" name="paper" accept="pdf" id="paper" />  </br>
        <?php
//select the category ids of the categories in that conference which their submission deadlines are after the current date
        $getcategID = "SELECT CC.category_id, category
                              FROM category C, conference_category CC
                              WHERE conference_id =  '$confid' AND  C.category_id = CC.category_id AND submission_date > NOW()";

        $getCatID = mysql_query($getcategID);
// select the names of the categories
        echo "<select name=\"Category\">";
//make the drop down list as the number of rows of the categories 
        if (mysql_num_rows($getCatID)) {
// get the id of the category selected
            while ($line = mysql_fetch_assoc($getCatID)) {
                echo "<option value='" . $line['category_id'] . "'> $line[category]</option>";
            }
        }
//if there wasn't anything selected print the following
        else {

            echo "<option> No category Present </option>";
        }

//create the submit button by the following line
        ?>

        </br>

        <input type="submit" name="submit" value="submit" /> 
        </br>

        <?php
// Check if a file has been submitted
        if (isset($_FILES['paper'])) {
// Make sure the file was sent without errors
            if ($_FILES['paper']['error'] == 0) {
//check if the size of the file exceeds 1 MB the maximum size then print a message for the user
                if ($_FILES['paper']['size'] > 2000000) {
                    echo 'The size of the file exceeds the maximum size.Please choose a file of size less than 1 MB';
                } else {
                    //check if the file type is not pdf so print a message for the user since the allowed type is pdf only
                    if ($_FILES['paper']['type'] != 'application/pdf') {
                        echo 'Please only choose a pdf file, other types are not allowed to be submitted';
                    }
                    //if its type is pdf so continue submitting
                    else {


// Gather all required data such as the name of the paper,size and the selected category and save its path.
                        $name = $_FILES['paper']['name'];
                        $target_path = "paper/" . $_FILES['paper']['name'];
                        move_uploaded_file($_FILES['paper']['tmp_name'], $target_path);


//set the id of the selected category by a variable
                        $category = $_REQUEST['Category'];

//if the user click the submit button 
                        if (isset($_POST['submit'])) {
// Create the SQL query which is adding the paper submitted
                            $insertpaper = " INSERT INTO `paper` (`paper_title`, `category_id`, `date_of_submission`,`status`,`conference_id`,`author_id`)
                        VALUES ('$name', {$category} ,NOW(),'To be reviewed', '$confid' ,'$memberid')";
                            $insert_paper = mysql_query($insertpaper) or die(mysql_error());

//put the paper id which is autoincremented from the insertion in a new variable to insert it in table Version
                            if ($insert_paper) {
                                $last_autoincrement_id = mysql_insert_id();
                            }
                            $insertversion = "INSERT INTO `version` (`paper_id`,`path`)
                                VALUES('{$last_autoincrement_id}','{$target_path}')";
                            $insert_version = mysql_query($insertversion) or die(mysql_error());
                            include ("statics.php");
                            // Execute the query
                            $last_autoincrement_versionid = mysql_insert_id();
                            exec("pdftohtml -c -noframes " . escapeshellcmd($target_path));
                            iReformat($last_autoincrement_versionid);
//Set Role 
//select the role of the user doing the action using his id and the conference id and fetch it
                            $getRoleofUser = mysql_query("SELECT role FROM privileges p, member_privileges mp
                                Where  p.privileges_id = mp.privileges_id 
                                AND mp.member_id = '$memberid' AND mp.conference_id='$confid'") or die(mysql_error());
                            $isAuthor = false;
                            while ($getRole = mysql_fetch_assoc($getRoleofUser)) {
                                if ($getRole['role']=='author') {
                                    $isAuthor = true;
                                    break;
                                }
                            }
                            // if his role was not an author or an organizer in that conference
                            if ($isAuthor == false) {
                                echo "here";
                                $type = 'author';
                                // select the privilege id of author and fetch it
                                $getprivID = mysql_query("SELECT `privileges_id` FROM `Privileges` WHERE `role` = '" . $type . "'")
                                        or die(mysql_error());
                                $getpriv_id = mysql_fetch_assoc($getprivID);
                                // then set the role of the user into an author
                                $setToAuthor = mysql_query("INSERT INTO`member_privileges` (`member_id`,`privileges_id`,`conference_id`)
                                     VALUES('$memberid','" . $getpriv_id['privileges_id'] . "','$confid')") or die(mysql_error());
                            }
                            //Check if it was successful
                            if ($insert_paper && $insert_version) {
                                if (isset($_GET['new'])) {
                                    isNewMember();
                                }
                                echo '<script type="text/javascript">',
                                'alert("The paper has been successfully uploaded");',
                                '</script>';
                            } else {
                                echo 'Error! Failed to insert the file';
                            }

                            //check if he his role is set to author if he was not an author or an organizer in that conference
                            if (isset($setToAuthor)) {
                                 echo '<script type="text/javascript">',
                                'alert("And you are now an author in this conference");',
                                '</script>';
                 }
                            // Close the mysql connection
                            mysql_close();
                        }
                    }
                }
            }
            //if there was an error while inserting the file print the following message
            else {
                echo 'There is an error while inserting the file!';
            }
        }

// Author: Rana Tarek
        function isNewMember() {
            // get the member_id sent from the previous page (incomingRequests.php)
            $member_id = $_GET['member_id'];
            // get the conference id sent from the previous page (incomingRequests.php)
            $confid = $_GET['conference_id'];
            // get the request id sent from the previous page (incomingRequests.php)
            $request_id = $_GET['request_id'];
            // check if the url contains the word 'new', which indicated that this member is still accepting a request to become an author
            // update the approve field to true
            mysql_query("UPDATE member_request_member SET approve = '1' where member_id2 = '$member_id' and conference_id= '$confid' and type = 'A'
              and request_id ='$request_id'") or die('here1' . mysql_error());
        }
        ?>

    </body>                       
</html>
<head>
    <script src="sysJavascript.js" language="javascript">
    </script>
</head>

